Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/nuyjmwM0tgzVRwm8el-0bJBUxLI.roa
File: nuyjmwM0tgzVRwm8el-0bJBUxLI.roa (raw, json)
Hash identifier: WtLnKllYh32pq24CTN4vGALuk5JwWbChY+TC8tHxp2E=
Subject key identifier: 9E:EC:A3:9B:03:34:B6:0C:D5:47:09:BC:7A:5F:B4:6C:90:54:C4:B2
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 018571FA2CF5A5FF37E040566E6693D176D5
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/nuyjmwM0tgzVRwm8el-0bJBUxLI.roa
Signing time: Mon 02 Jan 2023 10:14:58 +0000
ROA not before: Mon 02 Jan 2023 10:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48294
IP address blocks: 185.124.0.0/22 maxlen: 22
185.70.32.0/22 maxlen: 22
91.132.128.0/22 maxlen: 22
185.126.160.0/22 maxlen: 22
85.9.192.0/18 maxlen: 18
45.86.222.0/23 maxlen: 23
45.91.36.0/22 maxlen: 22
84.252.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Mar 2023 16:40:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:2c:f5:a5:ff:37:e0:40:56:6e:66:93:d1:76:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Jan 2 10:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9eeca39b0334b60cd54709bc7a5fb46c9054c4b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:17:b8:01:e5:9c:d6:10:c6:e3:37:db:5c:d1:
98:26:0b:37:00:0b:62:f7:51:13:3e:f0:44:63:db:
e5:18:26:3d:f6:70:be:e3:eb:78:44:5b:bb:8a:ee:
0a:66:93:e9:4e:fc:7d:9b:1a:42:e4:12:5e:b5:73:
02:a3:a6:c9:b6:6b:8e:ce:34:2f:76:66:aa:6f:d1:
67:48:be:9a:5c:75:9a:73:4c:a1:04:1c:d4:bd:38:
7f:d7:f7:4b:5f:b7:9f:f7:80:94:b5:45:7f:4f:fd:
40:c7:8c:88:d2:04:1a:52:88:5e:7c:7c:4c:65:2a:
2f:f9:6d:10:b5:78:8f:98:8f:78:3a:5f:1c:8f:35:
a7:6b:9f:c8:80:3b:dc:63:28:3e:8a:3b:04:e3:8a:
fb:51:38:6d:5b:9d:e0:6f:57:18:4d:76:bb:3c:da:
f3:26:91:70:5a:f9:96:e3:35:97:a7:db:f9:23:b0:
3b:d2:88:7a:1a:bb:26:d2:f7:86:d4:81:e3:bc:37:
a1:39:39:bf:65:5c:8f:7e:67:1f:04:11:a1:23:12:
de:de:7f:db:21:ca:ca:28:ec:b3:eb:2e:97:5e:ca:
db:2f:7c:63:dc:11:f7:07:f2:9f:3f:43:66:f8:5c:
c0:46:0e:b1:fc:5d:9d:46:80:77:2f:13:88:03:97:
f0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:EC:A3:9B:03:34:B6:0C:D5:47:09:BC:7A:5F:B4:6C:90:54:C4:B2
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/nuyjmwM0tgzVRwm8el-0bJBUxLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.222.0/23
45.91.36.0/22
84.252.104.0/24
85.9.192.0/18
91.132.128.0/22
185.70.32.0/22
185.124.0.0/22
185.126.160.0/22
Signature Algorithm: sha256WithRSAEncryption
09:ba:97:5b:38:9c:80:b4:48:b2:75:65:30:2e:ca:48:88:49:
1f:8f:fa:02:50:f8:5f:a2:a8:d5:b8:cd:62:61:a8:e3:a6:bc:
ee:53:ae:27:d6:58:3d:c6:69:6c:a9:60:45:79:5e:14:12:87:
34:48:34:2a:47:3b:c0:58:05:bc:31:87:4b:cd:82:74:c7:f7:
d0:27:4b:7a:08:81:82:76:da:4a:e4:1c:6c:90:63:d0:fb:a3:
66:b6:3d:70:d4:31:5d:78:dd:6d:eb:c2:b0:60:69:34:8a:59:
6f:8e:3d:01:ca:d2:08:a8:aa:fd:b0:7c:65:90:b6:32:bc:e8:
1e:a9:ca:4a:d7:fa:4a:10:0d:61:2c:7a:d6:e1:7f:9e:10:b5:
e6:71:0d:55:97:7c:8c:2b:63:f1:98:30:ed:7c:41:cc:4a:6e:
69:6e:cb:d9:18:d5:0c:29:84:19:be:09:83:b5:f3:39:d4:4e:
5c:d2:81:46:4d:4f:3a:7c:b8:16:ec:f8:5d:48:8a:7c:81:a5:
57:43:45:1d:6e:3b:35:ae:b8:af:d1:bf:ef:ef:03:3e:4d:a2:
9c:92:53:76:4f:03:f3:d4:2c:2b:d3:a6:ee:10:e9:f7:3c:30:
8c:92:0d:2f:5d:da:76:0a:55:d0:5d:89:ce:86:d9:b3:fc:7a:
bd:1c:c6:c6
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVx+iz1pf834EBWbmaT0XbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjMwMTAyMTAxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWVjYTM5YjAzMzRiNjBjZDU0NzA5YmM3YTVmYjQ2YzkwNTRjNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixe4AeWc1hDG4zfbXNGYJgs3AAti
91ETPvBEY9vlGCY99nC+4+t4RFu7iu4KZpPpTvx9mxpC5BJetXMCo6bJtmuOzjQv
dmaqb9FnSL6aXHWac0yhBBzUvTh/1/dLX7ef94CUtUV/T/1Ax4yI0gQaUohefHxM
ZSov+W0QtXiPmI94Ol8cjzWna5/IgDvcYyg+ijsE44r7UThtW53gb1cYTXa7PNrz
JpFwWvmW4zWXp9v5I7A70oh6Grsm0veG1IHjvDehOTm/ZVyPfmcfBBGhIxLe3n/b
IcrKKOyz6y6XXsrbL3xj3BH3B/KfP0Nm+FzARg6x/F2dRoB3LxOIA5fwJwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJ7so5sDNLYM1UcJvHpftGyQVMSyMB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvbnV5am13TTB0Z3pWUndtOGVsLTBiSkJVeExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLVbeAwQC
LVskAwQAVPxoAwQGVQnAAwQCW4SAAwQCuUYgAwQCuXwAAwQCuX6gMA0GCSqGSIb3
DQEBCwUAA4IBAQAJupdbOJyAtEiydWUwLspIiEkfj/oCUPhfoqjVuM1iYajjprzu
U64n1lg9xmlsqWBFeV4UEoc0SDQqRzvAWAW8MYdLzYJ0x/fQJ0t6CIGCdtpK5Bxs
kGPQ+6Nmtj1w1DFdeN1t68KwYGk0illvjj0BytIIqKr9sHxlkLYyvOgeqcpK1/pK
EA1hLHrW4X+eELXmcQ1Vl3yMK2PxmDDtfEHMSm5pbsvZGNUMKYQZvgmDtfM51E5c
0oFGTU86fLgW7PhdSIp8gaVXQ0Udbjs1rriv0b/v7wM+TaKcklN2TwPz1Cwr06bu
EOn3PDCMkg0vXdp2ClXQXYnOhtmz/Hq9HMbG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:02 2024 by rpki-client on console-ams.rpki-client.org